Lucene search

[email protected]CVE-2014-4705

HistoryJan 30, 2018 - 5:29 p.m.

CVE-2014-4705

2018-01-3017:29:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2014-4705

esap

huawei

buffer overflow

denial of service

security

vulnerability

nvd

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.4%

JSON

Multiple heap-based buffer overflows in the eSap software platform in Huawei Campus S9300, S7700, S9700, S5300, S5700, S6300, and S6700 series switches; AR150, AR160, AR200, AR1200, AR2200, AR3200, AR530, NetEngine16EX, SRG1300, SRG2300, and SRG3300 series routers; and WLAN AC6005, AC6605, and ACU2 access controllers allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet.

Affected configurations

NVD

Node

huaweis9300Match-

AND

huaweis9300_firmwareMatchv200r001c00spc300

huaweis9300_firmwareMatchv200r002c00spc100

huaweis9300_firmwareMatchv200r003c00spc500

Node

huaweis9700_firmwareMatchv200r001c00spc300

huaweis9700_firmwareMatchv200r002c00spc100

huaweis9700_firmwareMatchv200r003c00spc500

AND

huaweis9700Match-

Node

huaweis7700_firmwareMatchv200r001c00spc300

huaweis7700_firmwareMatchv200r002c00spc100

huaweis7700_firmwareMatchv200r003c00spc500

AND

huaweis7700Match-

Node

huaweis5300_firmwareMatchv200r001c00spc300

huaweis5300_firmwareMatchv200r002c00spc100

huaweis5300_firmwareMatchv200r003c00spc300

AND

huaweis5300Match-

Node

huaweis5700_firmwareMatchv200r001c00spc300

huaweis5700_firmwareMatchv200r002c00spc100

huaweis5700_firmwareMatchv200r003c00spc300

AND

huaweis5700Match-

Node

huaweis6300_firmwareMatchv200r001c00spc300

huaweis6300_firmwareMatchv200r002c00spc100

huaweis6300_firmwareMatchv200r003c00spc300

AND

huaweis6300Match-

Node

huaweis6700_firmwareMatchv200r001c00spc300

huaweis6700_firmwareMatchv200r002c00spc100

huaweis6700_firmwareMatchv200r003c00spc300

AND

huaweis6700Match-

Node

huaweiar150_firmwareMatchv200r003c00spc100

huaweiar150_firmwareMatchv200r003c00spc200

huaweiar150_firmwareMatchv200r003c01spc100

huaweiar150_firmwareMatchv200r003c01spc300

huaweiar150_firmwareMatchv200r003c01spc900

huaweiar150_firmwareMatchv200r005c00spc100

huaweiar150_firmwareMatchv200r005c00spc200

AND

huaweiar150Match-

Node

huaweiar160_firmwareMatchv200r003c00spc100

huaweiar160_firmwareMatchv200r003c00spc200

huaweiar160_firmwareMatchv200r003c01spc100

huaweiar160_firmwareMatchv200r003c01spc300

huaweiar160_firmwareMatchv200r003c01spc900

huaweiar160_firmwareMatchv200r005c00spc100

huaweiar160_firmwareMatchv200r005c00spc200

AND

huaweiar160Match-

Node

huaweiar200_firmwareMatchv200r003c00spc100

huaweiar200_firmwareMatchv200r003c00spc200

huaweiar200_firmwareMatchv200r003c01spc100

huaweiar200_firmwareMatchv200r003c01spc300

huaweiar200_firmwareMatchv200r003c01spc900

huaweiar200_firmwareMatchv200r005c00spc100

huaweiar200_firmwareMatchv200r005c00spc200

AND

huaweiar200Match-

Node

huaweiar1200_firmwareMatchv200r003c00spc100

huaweiar1200_firmwareMatchv200r003c00spc200

huaweiar1200_firmwareMatchv200r003c01spc100

huaweiar1200_firmwareMatchv200r003c01spc300

huaweiar1200_firmwareMatchv200r003c01spc900

huaweiar1200_firmwareMatchv200r005c00spc100

huaweiar1200_firmwareMatchv200r005c00spc200

AND

huaweiar1200Match-

Node

huaweiar2200_firmwareMatchv200r003c00spc100

huaweiar2200_firmwareMatchv200r003c00spc200

huaweiar2200_firmwareMatchv200r003c01spc100

huaweiar2200_firmwareMatchv200r003c01spc300

huaweiar2200_firmwareMatchv200r003c01spc900

huaweiar2200_firmwareMatchv200r005c00spc100

huaweiar2200_firmwareMatchv200r005c00spc200

AND

huaweiar2200Match-

Node

huaweiar3200_firmwareMatchv200r003c00spc100

huaweiar3200_firmwareMatchv200r003c00spc200

huaweiar3200_firmwareMatchv200r003c01spc100

huaweiar3200_firmwareMatchv200r003c01spc300

huaweiar3200_firmwareMatchv200r003c01spc900

huaweiar3200_firmwareMatchv200r005c00spc100

huaweiar3200_firmwareMatchv200r005c00spc200

AND

huaweiar3200Match-

Node

huaweiar530Match-

AND

huaweiar530_firmwareMatchv200r003c00spc100

huaweiar530_firmwareMatchv200r003c00spc200

huaweiar530_firmwareMatchv200r003c01spc100

huaweiar530_firmwareMatchv200r003c01spc300

huaweiar530_firmwareMatchv200r003c01spc900

huaweiar530_firmwareMatchv200r005c00spc100

huaweiar530_firmwareMatchv200r005c00spc200

Node

huaweinetengine16exMatch-

AND

huaweinetengine16ex_firmwareMatchv200r003c00spc100

huaweinetengine16ex_firmwareMatchv200r003c00spc200

huaweinetengine16ex_firmwareMatchv200r003c01spc100

huaweinetengine16ex_firmwareMatchv200r003c01spc300

huaweinetengine16ex_firmwareMatchv200r003c01spc900

huaweinetengine16ex_firmwareMatchv200r005c00spc100

huaweinetengine16ex_firmwareMatchv200r005c00spc200

Node

huaweisrg1300Match-

AND

huaweisrg1300_firmwareMatchv200r003c00spc100

huaweisrg1300_firmwareMatchv200r003c00spc200

huaweisrg1300_firmwareMatchv200r003c01spc100

huaweisrg1300_firmwareMatchv200r003c01spc300

huaweisrg1300_firmwareMatchv200r003c01spc900

huaweisrg1300_firmwareMatchv200r005c00spc100

huaweisrg1300_firmwareMatchv200r005c00spc200

Node

huaweisrg2300Match-

AND

huaweisrg2300_firmwareMatchv200r003c00spc100

huaweisrg2300_firmwareMatchv200r003c00spc200

huaweisrg2300_firmwareMatchv200r003c01spc100

huaweisrg2300_firmwareMatchv200r003c01spc300

huaweisrg2300_firmwareMatchv200r003c01spc900

huaweisrg2300_firmwareMatchv200r005c00spc100

huaweisrg2300_firmwareMatchv200r005c00spc200

Node

huaweisrg3300Match-

AND

huaweisrg3300_firmwareMatchv200r003c00spc100

huaweisrg3300_firmwareMatchv200r003c00spc200

huaweisrg3300_firmwareMatchv200r003c01spc100

huaweisrg3300_firmwareMatchv200r003c01spc300

huaweisrg3300_firmwareMatchv200r003c01spc900

huaweisrg3300_firmwareMatchv200r005c00spc100

huaweisrg3300_firmwareMatchv200r005c00spc200

Node

huaweiwlan_ac6005_firmwareMatchv200r003c00spc100

huaweiwlan_ac6005_firmwareMatchv200r003c00spc200

huaweiwlan_ac6005_firmwareMatchv200r003c00spc300

huaweiwlan_ac6005_firmwareMatchv200r003c00spc500

huaweiwlan_ac6005_firmwareMatchv200r005c00spc100

AND

huaweiwlan_ac6005Match-

Node

huaweiwlan_ac6605Match-

AND

huaweiwlan_ac6605_firmwareMatchv200r003c00spc100

huaweiwlan_ac6605_firmwareMatchv200r003c00spc200

huaweiwlan_ac6605_firmwareMatchv200r003c00spc300

huaweiwlan_ac6605_firmwareMatchv200r003c00spc500

huaweiwlan_ac6605_firmwareMatchv200r005c00spc100

Node

huaweiwlan_acu2Match-

AND

huaweiwlan_acu2_firmwareMatchv200r005c00spc100

CPENameOperatorVersion
huawei:s9300_firmwarehuawei s9300 firmwareeqv200r001c00spc300
huawei:s9300_firmwarehuawei s9300 firmwareeqv200r002c00spc100
huawei:s9300_firmwarehuawei s9300 firmwareeqv200r003c00spc500

CPE	Name	Operator	Version
huawei:s9300_firmware	huawei s9300 firmware	eq	v200r001c00spc300
huawei:s9300_firmware	huawei s9300 firmware	eq	v200r002c00spc100
huawei:s9300_firmware	huawei s9300 firmware	eq	v200r003c00spc500

References

secunia.com/advisories/59349

www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345171.htm

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.4%

JSON

Related for CVE-2014-4705

prion1 nvd1 nessus1 cvelist1 huawei1